
Plesk won't work with IPTables


echolima

Guest
I have installed Plesk to try it on a Fedora Core 2 server. I am behind a router and don't know quite how to configure iptables. If I turn iptables off I can get to the admin section but cannot if I turn on the iptables. Any help and/or advice would be appreciated. Thank you.
 
Plesk runs on TCP port 8443, so add a rule to iptables to allow TCP 8443.

If you aren't comfortable managing iptables rules manually, I'd recommend using apf as it is very robust, and has pretty easy to use configuration files.
 
I knew I had to add port 8443 and a few other ports but how do I enter that in iptables? Does anybody have any examples I can go from?
 
The easiest way to do it (on a RH based system) is simply edit /etc/sysconfig/iptables & restart iptables after you make the changes. The rules themselves would look something like:

-A INPUT -p tcp -m tcp --dport 8443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT

etc...
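
An added example, not part of the original post: iptables evaluates a chain top to bottom, so an ACCEPT line placed after a catch-all REJECT or DROP in the same chain never matches. This checker reads iptables-save style text and reports, per TCP port, whether its ACCEPT rule is reachable. The function names and the sample ruleset are constructed for illustration, and the check assumes plain single-port `--dport` rules in one chain (no multiport, ranges, or jumps to user-defined chains).

```python
import shlex

# Options that narrow a rule; a DROP/REJECT without any of them matches everything.
MATCHERS = {"-p", "-s", "-d", "-i", "-m", "--dport", "--sport"}

def opt(tokens, name):
    """Value following option `name`, or None if the option is absent."""
    return tokens[tokens.index(name) + 1] if name in tokens[:-1] else None

def parse_rules(text, chain="INPUT"):
    """Yield (line_no, tokens) for each '-A <chain>' line, in file order."""
    for no, line in enumerate(text.splitlines(), 1):
        tok = shlex.split(line, comments=True)
        if len(tok) >= 2 and tok[0] == "-A" and tok[1] == chain:
            yield no, tok[2:]

def check_ports(text, ports, chain="INPUT"):
    """Map each port to 'reachable', 'shadowed' (ACCEPT sits after a catch-all) or 'missing'."""
    result = {p: "missing" for p in ports}
    blocked_at = None  # line number of the first catch-all DROP/REJECT
    for no, tok in parse_rules(text, chain):
        target = opt(tok, "-j")
        if target in ("DROP", "REJECT") and not MATCHERS & set(tok):
            blocked_at = blocked_at or no
        elif target == "ACCEPT" and opt(tok, "-p") == "tcp":
            dport = opt(tok, "--dport")
            if dport and dport.isdigit() and int(dport) in result:
                if result[int(dport)] != "reachable":
                    result[int(dport)] = "shadowed" if blocked_at else "reachable"
    return result

# Constructed sample: the 8443 rule was added below the final REJECT line.
SAMPLE = """\
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp -m tcp --dport 8443 -j ACCEPT
COMMIT
"""

if __name__ == "__main__":
    for port, status in check_ports(SAMPLE, [8443, 443, 80, 25]).items():
        print(f"tcp/{port}: {status}")
```

To check a real ruleset, pass the contents of the rules file instead of `SAMPLE`; a "shadowed" result means the ACCEPT line needs to move above the catch-all rule.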
 
What are the risks of having the iptables off if behind a router?
 
Obviously the risks are much higher if you are not filtering on the server, and do not have a real firewall between it and the internet. That being said, a firewall in and of itself won't protect your server. It is just another layer of security. Your server will most likely be compromised through a port that you must allow through the firewall anyway (http, dns, smtp, etc). However, if used in conjunction with something like BFD, and/or mod_evasive you can at least mitigate such attacks. BFD is cool because it works in conjunction with APF. You set a threshold, and it "watches" the ports you tell it to. When someone tries to brute force attack a port/service, it will automatically inject a rule into your iptables for the offending IP.

There are a lot of things you can do to help secure your server, but as it has been said in the past, the only way to secure a server is to turn it off.
 